TimeTrust: Robust timing via hardware roots of trust and non-standard hardware
In our TimeTrust project, we are using and building on the cryptographic functionalities of hardware roots of trust, such as Trusted Platform Modules, to create more secure real-life protocols, including contactless payments and timing/distance-dependent authentication.
For instance, in contactless payments, fraud can take the form of payments made when the payee and payment terminal are not in proximity. This project examines these issues and proposes solutions based on hardware roots of trust, accompanied by formal treatments of security and practical assessments. The TimeTrust solutions are designed to be easy to re-deploy in existing infrastructures, and developed in collaboration with major players in the electronic-payment market.
In the same area, a GCHQ-funded PhD studentship is currently being undertaken to investigate the cryptographic design and provable security of contactless Europay, Mastercard and Visa (EMV) payment systems.